When technology betrays us

This article was taken from the July 2011 issue
of Wired magazine. Be the first to read Wired's articles in print
before they're posted online, and get your hands on loads of
additional content bysubscribing
online.

A few seconds before the Pembroke-Swansea special came
barrelling down the railway tracks to crush her car, Paula Ceely
sensed something was wrong. Shortly after nightfall, the
20-year-old college student had got out of her car in the pouring
rain to open a gate blocking the road ahead. Ceely had used a
borrowed TomTom mobile GPS unit to navigate the
nearly 240 kilometres of rural road from Redditch, Worcestershire,
to her boyfriend's parents' house in Carmarthenshire. It was her
first visit.

Judging by the illuminated GPS display on the dashboard device,
Ceely was just a few miles shy of her final destination, and the
road ahead should have been clear. When Ceely started opening what
she thought was a farmer's access gate, she did not realise there
were railway tracks underfoot until the train, blowing its whistle,
slammed into the tiny Renault Clio behind her. "I could feel the
air just pass me," Ceely told the BBC shortly afterwards, "and then
my car just did a 360-degree turn on the tracks and was knocked to
the other side."

Ceely is not alone. In late 2006 and early 2007, a mini-epidemic
of mobile GPS-related mishap stories was making headlines
worldwide: a 43-year-old man in Bremen, Germany, turned left when
instructed and drove his Audi right on to a tramway; another
20-year-old woman in England followed her dashboard GPS and drove
her Mercedes SL500 down a closed road outside the village of Sheepy
Magna and into the swollen nearby River Sence; and a man in
Australia turned off a highway prematurely, driving through a
construction site before stopping his SUV on the concrete steps of
a new building.

It's not that consumer-grade dashboard GPS systems are,
collectively, at fault. Something else was happening when these
commercially available GPS-enabled devices started hitting the
larger population -- something more fundamental. Instead of lifting
our heads, looking around and thinking for ourselves, some of us no
longer saw the world as human beings have for thousands of years --
and simply accepted whatever our GPSes showed us.

In order to reach the masses, technology vendors have taken
shortcuts. Software wizards
whisk us through otherwise complex configuration settings,
interfaces have fewer and fewer options for advanced settings, and
consumer goods are produced to be magic boxes whose internal
components don't involve the end user. Along the way, we've
introduced some unintended consequences.

But what if our dashboard GPS systems deliberately misled us? In
spring 2007, Andrea Barisani and Daniele Bianco showed a video at
the 2007 CanSecWest security conference in Vancouver, British
Columbia, in which the GPS unit in Barisani's 2006 Honda Civic
displayed a text alert warning of a terrorist threat near his home
in Trieste, Italy. Other rogue messages the two Italian researchers
had injected into consumer GPS devices included more innocuous
notifications such as "Bullfights Ahead".

This alert information doesn't come from satellites locked
in geosynchronous orbit; rather, traffic alerts are sent locally
via a ten-year-old radio protocol that
satellite radio stations use to populate song names and details on
dashboard entertainment screens. It didn't take long before someone
figured out how to manipulate this protocol. Since roadside GPS
alerts are not encrypted, anyone with the right equipment and
knowledge of the signal used by the dashboard device could do this.
The reverse is also true: someone could block an emergency message
in a denial-of-service attack. Thus, anyone with a low-power radio
transmitter who knows the frequency used by a GPS unit can
broadcast information -- true or false -- to passing
travellers.

Not only can people send false information to our devices, they
can also obtain personal data from us without our knowledge. Apple uses an iPhone's Wi-Fi internet
connection to trace it to a physical location. In 2008, a team of
researchers in Zurich, Switzerland, found ways in which the Apple
Wi-Fi location network could be compromised. The iPad, iPhone and iPod Touch
query the nearest wireless access points and transmit that
information to a database, where it is correlated with a physical
address (longitude and latitude). The Swiss researchers, however,
fed this service incorrect information, telling the Apple service
that the iPhone was in New York City when it was still in
Zurich.

But what if this vulnerability could be used with a more ominous
intent? Two years earlier, security researcher Terry Stenvold
published similar findings in 2600, a popular hacker magazine.
Stenvold found that he could steal someone else's hardware
specifications -- for example, the unique ID of a mobile phone or
the unique hardware ID of a laptop -- then upload that information
to a location service and have the service tell him that person's
current location. Here technology could be used surreptitiously to
track, for example, an ex-partner's current location.